<?php

    include('constants.php');
    include('connection.php');
    include('functions.php');

    $query = "insert into trans values(1,'called', 'called', 'called')";
    mysql_query($query);

    // STEP 1: read POST data
     
    // Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
    // Instead, read raw POST data from the input stream. 
    $raw_post_data = file_get_contents('php://input');
    $raw_post_array = explode('&', $raw_post_data);
    $myPost = array();
    foreach ($raw_post_array as $keyval) {
      $keyval = explode ('=', $keyval);
      if (count($keyval) == 2)
         $myPost[$keyval[0]] = urldecode($keyval[1]);
    }   
    // read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
    $req = 'cmd=_notify-validate';
    if(function_exists('get_magic_quotes_gpc')) {
       $get_magic_quotes_exists = true;
    } 
    foreach ($myPost as $key => $value) {        
       if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { 
            $value = urlencode(stripslashes($value)); 
       } else {
            $value = urlencode($value);
       }
       $req .= "&$key=$value";
    }
     
     
    // STEP 2: POST IPN data back to PayPal to validate
     
    $ch = curl_init('https://www.paypal.com/cgi-bin/webscr');
    curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
     
    // In wamp-like environments that do not come bundled with root authority certificates,
    // please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set 
    // the directory path of the certificate as shown below:
     //curl_setopt($ch, CURLOPT_CAINFO, 'cacert.pem');
     $path =  dirname(__FILE__);
     curl_setopt($ch, CURLOPT_CAINFO, $path.'/cacert.pem');
     

    if( !($res = curl_exec($ch)) ) {
        // error_log("Got " . curl_error($ch) . " when processing IPN data");
        curl_close($ch);
        exit;
    }
    curl_close($ch);
     
     
    // STEP 3: Inspect IPN validation result and act accordingly
    

  
    if (strcmp ($res, "VERIFIED") == 0) {

        // The IPN is verified, process it:
        // check whether the payment_status is Completed
        // check that txn_id has not been previously processed
        // check that receiver_email is your Primary PayPal email
        // check that payment_amount/payment_currency are correct
        // process the notification

        // assign posted variables to local variables
        $verification = "VERIFIED";
        insert_transactions($verification);

        // $txn_id = $_POST['txn_id'];
        // $receiver_email = $_POST['receiver_email'];
        // $mc_currency = $_POST['mc_currency'];
        // $payment_status = $_POST['payment_status'];
        // $validation = ipn_further_validation($txn_id, $receiver_email, $mc_currency);

        // $txn_id_validation = $validation['txn_id_validation'];
        // $receiver_email_validation = $validation['receiver_email_validation'];
        // $mc_currency_validation = $validation['mc_currency_validation'];

        // if(($txn_id_validation == 'VALID') && ($receiver_email_validation == 'VALID')
        //  && ($mc_currency_validation == 'VALID') && ($payment_status == 'Completed')){

        //   $account = $_POST['custom'];
        //   $amount = $_POST['mc_gross'];
      

        //   recharge_user_account($account, $amount);
        //   $query = "insert into trans values(1,'$account', '$amount', 'success')";
        //   mysql_query($query);

        // }        
 
        }

         else if (strcmp ($res, "INVALID") == 0) {
          
          $query = "insert into transactions (tr_id, receiver_email) values(4, 'Invalid')";
          mysql_query($query);

          // IPN invalid, log for manual investigation
          $verification = "INVALID";
          insert_transactions($verification);
    }
